def index(request): site_url = utility.get_site_url(request) if request.user.is_authenticated(): #return redirect(reverse('profile:home')) user_profile = Profile.objects.get(user=request.user) site_url = utility.get_site_url(request) return render(request, 'eprofile/home.html', dict( user_profile=user_profile, site_url=site_url, )) else: return render(request, 'account/login_signup.html', { 'site_url': site_url, })
def update_profile_photo(request): site_url = utility.get_site_url(request) user_profile = Profile.objects.get(user=request.user) # Handle file upload if request.method == 'POST': form = ImageUploadForm(request.POST, request.FILES) if form.is_valid(): photo = Photo(user=request.user, photo=request.FILES['img_file']) photo.save() # print('name=', cover.photo.name) # print('path=', cover.photo.path) # print('url=', cover.photo.url) # Redirect to the document list after POST profile = Profile.objects.get(user=photo.user) profile.profile_photo = photo.photo.name profile.save(update_fields=['profile_photo']) return HttpResponseRedirect(reverse('profile:profile')) else: form = ImageUploadForm() # A empty, unbound form return render( request, 'eprofile/photos.html', dict(site_url=site_url, form_heading='Upload Profile Photo', instruction= 'Cover photo must be at least 200px tall and 200px wide.', action=reverse('profile:update_profile_photo'), form=form, user_profile=user_profile))
def activate(request, activation_key): message = '' message_type = 'error' site_url = utility.get_site_url(request) if request.user.is_authenticated(): # user already has an account and is authenticated; don't let them register again message = u'''You are logged in as {username}. If you want to activate another account, <a href="{url}">Logout</a> first and click on the activation link again. '''.format(url=settings.LOGOUT_URL, username=html.escape(request.user.username)) message_type = 'info' else: # user_profile = get_object_or_404(UserProfile, activation_key=activation_key) acct_set = list( Activation.objects.filter(Q(activation_key=activation_key))[:1]) activation_url = reverse('account:activation') valid = True if not acct_set: message = u'''The activation code is not valid. You may request new activation link</a> to activate your account. '''.format(url=activation_url) valid = False else: acct = acct_set[0] user = acct.user if user.is_active: message = u'''Account associated with this activation code is active. You may <a href="{url}">Login</a> to your account. '''.format(url=settings.LOGIN_URL) message_type = 'info' valid = True else: if timezone.now() < acct.key_expires: user.is_active = True user.save() message = u'''Your account has been activated successfully. You can now <a class="btn btn-success" href="{login}">Login</a> to your account. '''.format(login=settings.LOGIN_URL) message_type = 'success' valid = True else: message = u'''The activation link has expired. You may <a class="btn btn-success" href="{activation_link}">Request New Activation Link</a> to activate your account. '''.format(activation_url) message_type = 'error' valid = False if valid: return render( request, 'main/message.html', { 'site_url': site_url, 'message_type': message_type, 'message': message, }) else: return render(request, 'account/activate.html', dict(site_url=site_url, error_message=message))
def activation(request): site_url = utility.get_site_url(request) valid = False error_message = [] message_type = 'info' email = '' user = None if request.user.is_authenticated(): # user already has an account and is authenticated; don't let them register again error_message = [ u'''You are logged in as {username}. If you want to activate another account, please <a href="{logout}">Logout</a> first. '''.format(username=html.escape( request.user.username), logout=settings.LOGOUT_URL) ] valid = False # If it's a HTTP POST, we're interested in processing form data. elif request.method == 'POST': email = request.POST.get('email', '') if not email: error_message = [u'You must fill in account email address.'] valid = False else: # check if username and email exist in database user_set = list( models.User.objects.filter(Q(username=email) | Q(email=email))[:1]) if user_set: valid = True user = user_set[0] else: error_message = [ u'''Account with email {username} does not exist. <a href="{signup}"> Sign up for a new account?</a> '''.format(username=html.escape(email), signup=reverse('account:signup')) ] valid = False if valid and user: # user.set_password(password) generate_activation_key_and_send_email(site_url, user) message = u'''You'll shortly receive your account activation link in {email}. Please follow the instructions provided in the email to reset your password. '''.format(email=html.escape(email)) return render( request, 'main/message.html', dict(site_url=site_url, message_type='success', message=message)) else: return render( request, 'account/activate.html', dict(site_url=site_url, error_message=' '.join(error_message), email=email))
def profile(request): user_profile = Profile.objects.get(user=request.user) site_url = utility.get_site_url(request) schools = Education.objects.filter(user=user_profile) user_profile.schools = schools user_profile.positions = Experience.objects.filter(user=user_profile) return render(request, 'eprofile/profile.html', dict( user_profile=user_profile, site_url=site_url, ))
def user_login(request): # print('site = ', request.get_host()) site_url = utility.get_site_url(request) if request.method == 'POST': username = request.POST.get('username', '') password = request.POST.get('password', '') valid = False error_message = [] if not username or not password: error_message = ['You must fill in all of the fields'] else: user = auth.authenticate(username=username, password=password) if user is not None: if user.is_active: # correct password, and the user is marked active auth.login(request, user) request.session['user_id'] = user.id valid = True else: url = reverse('account:activation') error_message = [ u'''The account is not active. Please check you email for activation link or you may <a href="{url}">Request New Activation Link</a> to activate your account. '''.format(url=url) ] else: error_message = ["Invalid username or password"] if valid: return HttpResponseRedirect('/profile/') else: return render( request, 'account/login.html', { 'site_url': site_url, 'error_message': ' '.join(error_message), 'username': username, 'password': password, }) else: # No context variables to pass to the template system, hence blank # dictionary object... return render(request, 'account/login.html', { 'site_url': site_url, })
def experience(request, uuid=None): site_url = utility.get_site_url(request) user_profile = Profile.objects.get(user=request.user) form_title = 'Add a position' form_action = reverse('profile:experience') if request.POST: if not uuid: # must be a new position exp = Experience(user=user_profile) exp_form = ExperienceForm(request.POST, instance=exp) else: exps = Experience.objects.filter( Q(user=user_profile) & Q(uuid=uuid)) if exps: exp = exps[0] exp_form = EducationForm(request.POST, instance=exp) else: # some one may be trying to hack ? return HttpResponseRedirect( reverse('profile:profile') + "#tab_experience") if exp_form.is_valid(): exp_form.save() return HttpResponseRedirect(reverse('profile:profile')) else: if uuid: # load existing data to update exp = Experience.objects.get(uuid=uuid) exp_form = EducationForm(instance=exp) form_title = 'Edit position' form_action = reverse('profile:update_experience', kwargs={'uuid': uuid}) else: exp_form = ExperienceForm() return render( request, 'eprofile/experience.html', dict(site_url=site_url, form_title=form_title, form_action=form_action, form=exp_form, user_profile=user_profile))
def update_summary(request): site_url = utility.get_site_url(request) user_profile = Profile.objects.get(user=request.user) # pro = Profile.objects.get(user=request.user) if request.method == 'POST': summary_form = ProfileSummaryForm(request.POST, instance=user_profile) if summary_form.is_valid(): summary_form.save() return HttpResponseRedirect( reverse('profile:profile') + "#tab_summary") else: summary_form = ProfileSummaryForm(instance=user_profile) return render( request, 'eprofile/update_form.html', dict(site_url=site_url, form_title='Update Profile Summary', form_action=reverse('profile:update_summary'), form=summary_form, user_profile=user_profile))
def update_card(request): site_url = utility.get_site_url(request) user_profile = Profile.objects.get(user=request.user) # load existing card info user_profile = Profile.objects.get(user=request.user) if request.method == 'POST': card_form = ProfileCardForm(request.POST, instance=user_profile) if card_form.is_valid(): card_form.save() return HttpResponseRedirect(reverse('profile:profile')) else: card_form = ProfileCardForm(instance=user_profile) return render( request, 'eprofile/update_form.html', dict(site_url=site_url, form_title='Update Profile Card Information', form_action=reverse('profile:update_card'), form=card_form, user_profile=user_profile))
def update_school(request, uuid=None): site_url = utility.get_site_url(request) user_profile = Profile.objects.get(user=request.user) form_title = 'Add a college/school' form_action = reverse('profile:update_school') if request.POST: if not uuid: # must be a new school school = Education(user=user_profile) school_form = EducationForm(request.POST, instance=school) else: school = Education.objects.get(Q(user=user_profile) & Q(uuid=uuid)) # some one may have tried to hack db if school: school_form = EducationForm(request.POST, instance=school) else: return HttpResponseRedirect(reverse('profile:profile')) if school_form.is_valid(): school_form.save() return HttpResponseRedirect(reverse('profile:profile')) else: if uuid: # load existing data to update school = Education.objects.get(uuid=uuid) school_form = EducationForm(instance=school) form_title = 'Edit college/school' form_action = reverse('profile:update_school_uuid', kwargs={'uuid': uuid}) else: school_form = EducationForm() return render( request, 'eprofile/school.html', dict(site_url=site_url, form_title=form_title, form_action=form_action, form=school_form, user_profile=user_profile))
def signup(request): site_url = utility.get_site_url(request) valid = False error_message = [] message_type = 'info' first_name = '' last_name = '' email = '' password = '' # path = request.get_full_path() # print('path = ', path) if request.user.is_authenticated(): # user already has an account and is authenticated; don't let them register again error_message = [ u'''You are logged in as {username}. If you'd like to register another account, <a href="{url}">Logout</a> first. '''.format(username=html.escape( request.user.username), url=settings.LOGOUT_URL) ] valid = False # If it's a HTTP POST, we're interested in processing form data. elif request.method == 'POST': first_name = request.POST.get('first_name', '') last_name = request.POST.get('last_name', '') email = request.POST.get('email', '') password = request.POST.get('password', '') if not first_name or not last_name or not email or not password: error_message = [u'You must fill in all of the fields.'] valid = False else: # check for duplicate username and email user = models.User.objects.filter( Q(username=email) | Q(email=email)) if user: url = reverse('account:recover') error_message = [ u'''Account with email {email} already exists. <a href="{url}"> Forgot your password? </a> '''.format(email=html.escape(email), url=url) ] valid = False else: try: validate_password(password) valid = True except ValidationError as ex: valid = False for e in ex: error_message.append(e) else: return render(request, 'account/signup.html', { 'site_url': site_url, }) if valid: # Save the user's form data to the database. user = models.User.objects.create_user(email, email, password) user.first_name = first_name user.last_name = last_name user.is_active = False user.is_superuser = False user.is_staff = False # user.set_password(password) user.save() card_name = "%s %s" % (user.first_name, user.last_name) profile = Profile(user=user, card_name=card_name, card_email=user.email) profile.save() generate_activation_key_and_send_email(site_url, user) # send_mail(subject, message, from_email, to_list, html_message=html_message, fail_silently=True) # Update our variable to tell the template registration was successful. error_message = [ u'''New account created successfully. You'll receive your activation link in {0:s}. You must activate you account before you can log in...''' .format(html.escape(user.email)) ] return render( request, 'main/message.html', { 'site_url': site_url, 'message_type': 'success', 'message': ' '.join(error_message), }) else: return render( request, 'account/signup.html', { 'site_url': site_url, 'error_message': ' '.join(error_message), 'first_name': first_name, 'last_name': last_name, 'email': email, 'password': password, })
def reset_password(request, key=None): error_message = '' message_type = 'error' site_url = utility.get_site_url(request) success = False user = None recovery = None if request.user.is_authenticated(): user = request.user else: valid = True recovery_set = list( Recovery.objects.filter( recovery_key=key).order_by('-key_expires')[:1]) if not recovery_set: error_message = u'''The password reset link is not valid. You may request a new reset link. ''' valid = False else: recovery = recovery_set[0] user = recovery.user # check if this activation link has been already used to set password if recovery.password: error_message = u'''The password reset code is not valid. You may request a new activation link to reset your password. ''' valid = False else: if timezone.now() > recovery.key_expires: error_message = u'''The password reset code is not valid. You may request a new activation link to reset your password. ''' valid = False if not valid: return render( request, 'account/recover.html', dict(site_url=site_url, error_message=error_message, email='')) if request.method == 'POST': pass1 = request.POST.get('password1', '') pass2 = request.POST.get('password2', '') error_message = validate_passwords(pass1, pass2) if not error_message: user.set_password(pass1) user.save() message = u'''Your password has been changed.''' # password change for logged in user if not request.user.is_authenticated(): recovery.password = user.password recovery.save() message = u'''Your password has been changed. You can now <a class="btn btn-success" href="{login}">Log In</a> to your account. '''.format(settings.LOGIN_URL) message_type = 'success' return render( request, 'main/message.html', { 'site_url': site_url, 'message_type': message_type, 'message': message, }) else: return render( request, 'account/password.html', { 'site_url': site_url, 'error_message': error_message, 'password1': pass1, 'password2': pass2, }) else: return render(request, 'account/password.html', dict(site_url=site_url, key=key))
def recover(request): site_url = utility.get_site_url(request) valid = False error_message = [] message_type = 'info' email = '' user = None if request.user.is_authenticated(): # user already has an account and is authenticated; don't let them register again error_message = [ u'''You are logged in as {username}. If you want to recover another account, please <a href="{logout}">Logout</a> first. '''.format(username=html.escape( request.user.username), logout=settings.LOGOUT_URL) ] valid = False # If it's a HTTP POST, we're interested in processing form data. elif request.method == 'POST': email = request.POST.get('email', '') if not email: error_message = [u'You must fill in account email address.'] valid = False else: # check if username and email exist in database user_set = list( models.User.objects.filter(Q(username=email) | Q(email=email))[:1]) if user_set: valid = True user = user_set[0] else: error_message = [ u'''Account with email {username} does not exist. <a href="{signup}"> Sign up for a new account?</a> '''.format(username=html.escape(email)) ] valid = False else: return render(request, 'account/recover.html', { 'site_url': site_url, }) if valid and user: # user.set_password(password) recovery_key = str(uuid.uuid4()) recovery_key = hashlib.sha256(recovery_key.encode('utf-8')).hexdigest() key_expires = timezone.now() + datetime.timedelta(2) # Now sort out the UserProfile instance. recovery = Recovery(user=user, recovery_key=recovery_key, key_expires=key_expires) recovery.save() link = reverse('account:reset_password', args=(recovery_key, )) subject = "Requested password reset" txt_message = u'''Hey there, To reset your password, please copy/paste and load the following link to your browser and follow the instruction. Please note that reset link will expire in 48 hours. If you didn't issue a password reset, you cansafely ignore this email. {link} Best, {brand_name} Account Team '''.format(link=link, brand_name=settings.BRAND_NAME) html_message = u'''Hey there, <br /><br /> To reset your {brand_name} account password, click on the following link.<br /><br /> Please note that reset link will expire in 48 hours. If you didn't issue a password reset, you can safely ignore this email.<br /><br /> {link} <br /><br /> Best,<br /> {brand_name} Account Team '''.format(brand_name=settings.BRAND_NAME, link=link) from_email = settings.EMAIL_HOST_USER to_list = [email] msg = mail.EmailMultiAlternatives(subject, txt_message, from_email, to_list) msg.attach_alternative(html_message, "text/html") msg.send() message = u'''You'll shortly receive your password reset link in {0:s}. Please follow the instructions provided in the email to reset your password.'''.format( html.escape(email)) return render( request, 'main/message.html', dict(site_url=site_url, message_type='success', message=message)) else: return render( request, 'account/recover.html', dict(site_url=site_url, error_message=' '.join(error_message), email=email))